Forum Discussion

TonyRedmond's avatar
Apr 21, 2023

Reducing the Likelihood of Token Theft with Conditional Access Policies

 

Token protection is a new session control (preview) for Azure AD conditional access policies. The idea is to bind a sign-in token to a user’s device to stop attackers attempting to reuse the token to compromise the user’s account. Only a limited set of Microsoft 365 apps support token protection at present, but it’s an idea that should help if token theft becomes as pervasive as some predict.

https://office365itpros.com/2023/04/21/token-protection-azure-ad-ca/

No RepliesBe the first to reply